Interactive data connections, live video and multimedia are seen as core applications that drive the construction of future mobile access networks. A promise to the consumer is to be able to access the same services everywhere and to be able to move seamlessly from a home or office having a high-speed Internet connection to remote areas having only a narrowband wireless coverage. However, a major technical challenge in providing such services is the variable quality of service (QoS) provided by such mobile access networks. Particularly, network latency can make interactive services unusable and high variations in the latency (i.e., “jitter”) can create problems for real-time services, such as video streaming.
One major source of network latency and jitter is introduced by security mechanisms. Most network operators charge for access to their networks. Therefore, it is typically desirable to fully authenticate a user before granting the user access to network services. Such authentication is termed “full authentication” herein and may include without limitation authentication through login validation, anonymous or non-anonymous verification of access authorization or previous payment, or acceptance of electronic or credit card payment for the access to the network.
Furthermore, when a wireless mobile user moves between network base stations of a network or of different networks, the user must be re-authenticated before access to the network is granted through the new network base station. Re-authentication may include, for example, confirming with an on-line accounting system or bank that the user has paid for services or is otherwise eligible to access the network. However, the significant delay introduced by this re-authentication operation at each base station is undesirable and decreases the QoS experienced by the mobile user. Furthermore, the complex cryptographic operations required of the mobile device in a full authentication scheme are slow on low-power processors, which are often used on mobile devices to conserve battery power.
In contrast, some existing networks do not require re-authentication to grant access. Instead, such networks provide so-called “optimistic service” before the user has been re-authenticated. That is, a user can gain access to the network during a reasonably short period of time prior to re-authentication. However, without some reliable but quick authentication, malicious users can take advantage of optimistic service schemes by generating a high volume of such optimistic service periods to get free service.